@socketsecurity/lib 5.2.1 → 5.3.0

package/dist/releases/github.d.ts

@@ -18,162 +18,81 @@ export interface RepoConfig {
      */
     repo: string;
 }
-/**
- * Get latest release tag matching a tool prefix.
- *
- * Searches recent releases for the first tag matching the given prefix.
- * Useful for finding latest versions of tools with date-based tags like
- * `node-smol-20260105-c47753c` or `binject-20260106-1df5745`.
- *
- * @param toolPrefix - Tool name prefix to search for (e.g., 'node-smol-', 'binject-')
- * @param repoConfig - Repository configuration (owner/repo)
- * @param options - Additional options
- * @returns Latest release tag or null if not found
- *
- * @example
- * ```ts
- * const tag = await getLatestRelease('node-smol-', {
- *   owner: 'SocketDev',
- *   repo: 'socket-btm'
- * })
- * // Returns: 'node-smol-20260105-c47753c'
- * ```
- */
-export declare function getLatestRelease(toolPrefix: string, repoConfig: RepoConfig, options?: {
-    quiet?: boolean;
-}): Promise<string | null>;
-/**
- * Get download URL for a specific release asset.
- *
- * @param tag - Release tag name (e.g., 'node-smol-20260105-c47753c')
- * @param assetName - Asset name to download (e.g., 'node-linux-x64-musl')
- * @param repoConfig - Repository configuration (owner/repo)
- * @param options - Additional options
- * @returns Browser download URL for the asset
- *
- * @example
- * ```ts
- * const url = await getReleaseAssetUrl(
- *   'node-smol-20260105-c47753c',
- *   'node-linux-x64-musl',
- *   { owner: 'SocketDev', repo: 'socket-btm' }
- * )
- * ```
- */
-export declare function getReleaseAssetUrl(tag: string, assetName: string, repoConfig: RepoConfig, options?: {
-    quiet?: boolean;
-}): Promise<string | null>;
-/**
- * Download a specific release asset.
- *
- * Uses browser_download_url to avoid consuming GitHub API quota.
- * Automatically follows redirects and retries on failure.
- *
- * @param tag - Release tag name
- * @param assetName - Asset name to download
- * @param outputPath - Path to write the downloaded file
- * @param repoConfig - Repository configuration (owner/repo)
- * @param options - Additional options
- *
- * @example
- * ```ts
- * await downloadReleaseAsset(
- *   'node-smol-20260105-c47753c',
- *   'node-linux-x64-musl',
- *   '/path/to/output/node',
- *   { owner: 'SocketDev', repo: 'socket-btm' }
- * )
- * ```
- */
-export declare function downloadReleaseAsset(tag: string, assetName: string, outputPath: string, repoConfig: RepoConfig, options?: {
-    quiet?: boolean;
-}): Promise<void>;
 /**
  * Configuration for downloading a GitHub release.
  */
 export interface DownloadGitHubReleaseConfig {
-    /**
-     * GitHub repository owner/organization.
-     */
+    /** GitHub repository owner/organization. */
     owner: string;
-    /**
-     * GitHub repository name.
-     */
+    /** GitHub repository name. */
     repo: string;
-    /**
-     * Working directory (defaults to process.cwd()).
-     * Used to resolve relative paths in downloadDir.
-     */
+    /** Working directory (defaults to process.cwd()). */
     cwd?: string;
-    /**
-     * Download destination directory.
-     * Can be absolute or relative to cwd.
-     * @default 'build/downloaded' (relative to cwd)
-     */
+    /** Download destination directory. @default 'build/downloaded' */
     downloadDir?: string;
-    /**
-     * Tool name for directory structure (e.g., 'node-smol', 'binject', 'lief').
-     * Creates subdirectory: {downloadDir}/{toolName}/{platformArch}/
-     */
+    /** Tool name for directory structure. */
     toolName: string;
-    /**
-     * Platform-arch identifier (e.g., 'linux-x64-musl', 'darwin-arm64').
-     * Used for the download directory path.
-     */
+    /** Platform-arch identifier (e.g., 'linux-x64-musl'). */
     platformArch: string;
-    /**
-     * Binary filename (e.g., 'node', 'binject', 'lief', 'node.exe').
-     */
+    /** Binary filename (e.g., 'node', 'binject'). */
     binaryName: string;
-    /**
-     * Asset name on GitHub (e.g., 'node-linux-x64-musl', 'binject-darwin-arm64').
-     */
+    /** Asset name on GitHub. */
     assetName: string;
-    /**
-     * Tool prefix for finding latest release (e.g., 'node-smol-', 'binject-').
-     * Either this or `tag` must be provided.
-     */
+    /** Tool prefix for finding latest release. */
     toolPrefix?: string;
-    /**
-     * Specific release tag to download (e.g., 'node-smol-20260105-c47753c').
-     * If not provided, uses `toolPrefix` to find the latest release.
-     */
+    /** Specific release tag to download. */
     tag?: string;
-    /**
-     * Suppress log messages.
-     * @default false
-     */
+    /** Suppress log messages. @default false */
     quiet?: boolean;
-    /**
-     * Remove macOS quarantine attribute after download.
-     * Only applies when downloading on macOS for macOS binaries.
-     * @default true
-     */
+    /** Remove macOS quarantine attribute after download. @default true */
     removeMacOSQuarantine?: boolean;
 }
 /**
  * Download a binary from any GitHub repository with version caching.
  *
- * Downloads to: `{downloadDir}/{toolName}/{platformArch}/{binaryName}`
- * Caches version in: `{downloadDir}/{toolName}/{platformArch}/.version`
- *
  * @param config - Download configuration
  * @returns Path to the downloaded binary
- *
- * @example
- * ```ts
- * // Download from any GitHub repo
- * const nodePath = await downloadGitHubRelease({
- *   owner: 'nodejs',
- *   repo: 'node',
- *   cwd: process.cwd(),
- *   downloadDir: 'build/downloaded',  // relative to cwd
- *   toolName: 'node',
- *   platformArch: 'linux-x64',
- *   binaryName: 'node',
- *   assetName: 'node-v20.10.0-linux-x64.tar.gz',
- *   tag: 'v20.10.0'
- * })
- * ```
  */
 export declare function downloadGitHubRelease(config: DownloadGitHubReleaseConfig): Promise<string>;
+/**
+ * Download a specific release asset.
+ *
+ * @param tag - Release tag name
+ * @param assetName - Asset name to download
+ * @param outputPath - Path to write the downloaded file
+ * @param repoConfig - Repository configuration (owner/repo)
+ * @param options - Additional options
+ */
+export declare function downloadReleaseAsset(tag: string, assetName: string, outputPath: string, repoConfig: RepoConfig, options?: {
+    quiet?: boolean;
+}): Promise<void>;
+/**
+ * Get GitHub authentication headers if token is available.
+ * Checks GH_TOKEN or GITHUB_TOKEN environment variables.
+ *
+ * @returns Headers object with Authorization header if token exists.
+ */
+export declare function getAuthHeaders(): Record<string, string>;
+/**
+ * Get latest release tag matching a tool prefix.
+ *
+ * @param toolPrefix - Tool name prefix to search for (e.g., 'node-smol-')
+ * @param repoConfig - Repository configuration (owner/repo)
+ * @param options - Additional options
+ * @returns Latest release tag or null if not found
+ */
+export declare function getLatestRelease(toolPrefix: string, repoConfig: RepoConfig, options?: {
+    quiet?: boolean;
+}): Promise<string | null>;
+/**
+ * Get download URL for a specific release asset.
+ *
+ * @param tag - Release tag name
+ * @param assetName - Asset name to download
+ * @param repoConfig - Repository configuration (owner/repo)
+ * @param options - Additional options
+ * @returns Browser download URL for the asset
+ */
+export declare function getReleaseAssetUrl(tag: string, assetName: string, repoConfig: RepoConfig, options?: {
+    quiet?: boolean;
+}): Promise<string | null>;

package/dist/releases/github.js

@@ -1,10 +1,8 @@
 "use strict";
 /* Socket Lib - Built with esbuild */
-var __create = Object.create;
 var __defProp = Object.defineProperty;
 var __getOwnPropDesc = Object.getOwnPropertyDescriptor;
 var __getOwnPropNames = Object.getOwnPropertyNames;
-var __getProtoOf = Object.getPrototypeOf;
 var __hasOwnProp = Object.prototype.hasOwnProperty;
 var __export = (target, all) => {
   for (var name in all)
@@ -18,33 +16,33 @@ var __copyProps = (to, from, except, desc) => {
   }
   return to;
 };
-var __toESM = (mod, isNodeMode, target) => (target = mod != null ? __create(__getProtoOf(mod)) : {}, __copyProps(
-  // If the importer is in node compatibility mode or this is not an ESM
-  // file that has been converted to a CommonJS file using a Babel-
-  // compatible transform (i.e. "__esModule" has not been set), then set
-  // "default" to the CommonJS "module.exports" for node compatibility.
-  isNodeMode || !mod || !mod.__esModule ? __defProp(target, "default", { value: mod, enumerable: true }) : target,
-  mod
-));
 var __toCommonJS = (mod) => __copyProps(__defProp({}, "__esModule", { value: true }), mod);
 var github_exports = {};
 __export(github_exports, {
   SOCKET_BTM_REPO: () => SOCKET_BTM_REPO,
   downloadGitHubRelease: () => downloadGitHubRelease,
   downloadReleaseAsset: () => downloadReleaseAsset,
+  getAuthHeaders: () => getAuthHeaders,
   getLatestRelease: () => getLatestRelease,
   getReleaseAssetUrl: () => getReleaseAssetUrl
 });
 module.exports = __toCommonJS(github_exports);
-var import_node_fs = require("node:fs");
-var import_promises = require("node:fs/promises");
-var import_node_path = __toESM(require("node:path"));
-var import_fs = require("../fs.js");
+var import_fs = require("fs");
+var import_promises = require("fs/promises");
+var import_fs2 = require("../fs.js");
 var import_http_request = require("../http-request.js");
 var import_logger = require("../logger.js");
 var import_promises2 = require("../promises.js");
 var import_spawn = require("../spawn.js");
 const logger = (0, import_logger.getDefaultLogger)();
+let _path;
+// @__NO_SIDE_EFFECTS__
+function getPath() {
+  if (_path === void 0) {
+    _path = require("path");
+  }
+  return _path;
+}
 const SOCKET_BTM_REPO = {
   owner: "SocketDev",
   repo: "socket-btm"
@@ -58,6 +56,100 @@ const RETRY_CONFIG = Object.freeze({
   // Maximum number of retry attempts (excluding initial request).
   retries: 2
 });
+async function downloadGitHubRelease(config) {
+  const {
+    assetName,
+    binaryName,
+    cwd = process.cwd(),
+    downloadDir = "build/downloaded",
+    owner,
+    platformArch,
+    quiet = false,
+    removeMacOSQuarantine = true,
+    repo,
+    tag: explicitTag,
+    toolName,
+    toolPrefix
+  } = config;
+  let tag;
+  if (explicitTag) {
+    tag = explicitTag;
+  } else if (toolPrefix) {
+    const latestTag = await getLatestRelease(
+      toolPrefix,
+      { owner, repo },
+      { quiet }
+    );
+    if (!latestTag) {
+      throw new Error(`No ${toolPrefix} release found in ${owner}/${repo}`);
+    }
+    tag = latestTag;
+  } else {
+    throw new Error("Either toolPrefix or tag must be provided");
+  }
+  const path = /* @__PURE__ */ getPath();
+  const resolvedDownloadDir = path.isAbsolute(downloadDir) ? downloadDir : path.join(cwd, downloadDir);
+  const binaryDir = path.join(resolvedDownloadDir, toolName, platformArch);
+  const binaryPath = path.join(binaryDir, binaryName);
+  const versionPath = path.join(binaryDir, ".version");
+  if ((0, import_fs.existsSync)(versionPath) && (0, import_fs.existsSync)(binaryPath)) {
+    const cachedVersion = (await (0, import_promises.readFile)(versionPath, "utf8")).trim();
+    if (cachedVersion === tag) {
+      if (!quiet) {
+        logger.info(`Using cached ${toolName} (${platformArch}): ${binaryPath}`);
+      }
+      return binaryPath;
+    }
+  }
+  if (!quiet) {
+    logger.info(`Downloading ${toolName} for ${platformArch}...`);
+  }
+  await downloadReleaseAsset(
+    tag,
+    assetName,
+    binaryPath,
+    { owner, repo },
+    { quiet }
+  );
+  const isWindows = binaryName.endsWith(".exe");
+  if (!isWindows) {
+    (0, import_fs.chmodSync)(binaryPath, 493);
+    if (removeMacOSQuarantine && process.platform === "darwin" && platformArch.startsWith("darwin")) {
+      try {
+        await (0, import_spawn.spawn)("xattr", ["-d", "com.apple.quarantine", binaryPath], {
+          stdio: "ignore"
+        });
+      } catch {
+      }
+    }
+  }
+  await (0, import_promises.writeFile)(versionPath, tag, "utf8");
+  if (!quiet) {
+    logger.info(`Downloaded ${toolName} to ${binaryPath}`);
+  }
+  return binaryPath;
+}
+async function downloadReleaseAsset(tag, assetName, outputPath, repoConfig, options = {}) {
+  const { owner, repo } = repoConfig;
+  const { quiet = false } = options;
+  const downloadUrl = await getReleaseAssetUrl(
+    tag,
+    assetName,
+    { owner, repo },
+    { quiet }
+  );
+  if (!downloadUrl) {
+    throw new Error(`Asset ${assetName} not found in release ${tag}`);
+  }
+  const path = /* @__PURE__ */ getPath();
+  await (0, import_fs2.safeMkdir)(path.dirname(outputPath));
+  await (0, import_http_request.httpDownload)(downloadUrl, outputPath, {
+    logger: quiet ? void 0 : logger,
+    progressInterval: 10,
+    retries: 2,
+    retryDelay: 5e3
+  });
+}
 function getAuthHeaders() {
   const token = process.env["GH_TOKEN"] || process.env["GITHUB_TOKEN"];
   const headers = {
@@ -156,103 +248,12 @@ async function getReleaseAssetUrl(tag, assetName, repoConfig, options = {}) {
     }
   );
 }
-async function downloadReleaseAsset(tag, assetName, outputPath, repoConfig, options = {}) {
-  const { owner, repo } = repoConfig;
-  const { quiet = false } = options;
-  const downloadUrl = await getReleaseAssetUrl(
-    tag,
-    assetName,
-    { owner, repo },
-    { quiet }
-  );
-  if (!downloadUrl) {
-    throw new Error(`Asset ${assetName} not found in release ${tag}`);
-  }
-  await (0, import_fs.safeMkdir)(import_node_path.default.dirname(outputPath));
-  await (0, import_http_request.httpDownload)(downloadUrl, outputPath, {
-    logger: quiet ? void 0 : logger,
-    progressInterval: 10,
-    retries: 2,
-    retryDelay: 5e3
-  });
-}
-async function downloadGitHubRelease(config) {
-  const {
-    assetName,
-    binaryName,
-    cwd = process.cwd(),
-    downloadDir = "build/downloaded",
-    owner,
-    platformArch,
-    quiet = false,
-    removeMacOSQuarantine = true,
-    repo,
-    tag: explicitTag,
-    toolName,
-    toolPrefix
-  } = config;
-  let tag;
-  if (explicitTag) {
-    tag = explicitTag;
-  } else if (toolPrefix) {
-    const latestTag = await getLatestRelease(
-      toolPrefix,
-      { owner, repo },
-      { quiet }
-    );
-    if (!latestTag) {
-      throw new Error(`No ${toolPrefix} release found in ${owner}/${repo}`);
-    }
-    tag = latestTag;
-  } else {
-    throw new Error("Either toolPrefix or tag must be provided");
-  }
-  const resolvedDownloadDir = import_node_path.default.isAbsolute(downloadDir) ? downloadDir : import_node_path.default.join(cwd, downloadDir);
-  const binaryDir = import_node_path.default.join(resolvedDownloadDir, toolName, platformArch);
-  const binaryPath = import_node_path.default.join(binaryDir, binaryName);
-  const versionPath = import_node_path.default.join(binaryDir, ".version");
-  if ((0, import_node_fs.existsSync)(versionPath) && (0, import_node_fs.existsSync)(binaryPath)) {
-    const cachedVersion = (await (0, import_promises.readFile)(versionPath, "utf8")).trim();
-    if (cachedVersion === tag) {
-      if (!quiet) {
-        logger.info(`Using cached ${toolName} (${platformArch}): ${binaryPath}`);
-      }
-      return binaryPath;
-    }
-  }
-  if (!quiet) {
-    logger.info(`Downloading ${toolName} for ${platformArch}...`);
-  }
-  await downloadReleaseAsset(
-    tag,
-    assetName,
-    binaryPath,
-    { owner, repo },
-    { quiet }
-  );
-  const isWindows = binaryName.endsWith(".exe");
-  if (!isWindows) {
-    (0, import_node_fs.chmodSync)(binaryPath, 493);
-    if (removeMacOSQuarantine && process.platform === "darwin" && platformArch.startsWith("darwin")) {
-      try {
-        await (0, import_spawn.spawn)("xattr", ["-d", "com.apple.quarantine", binaryPath], {
-          stdio: "ignore"
-        });
-      } catch {
-      }
-    }
-  }
-  await (0, import_promises.writeFile)(versionPath, tag, "utf8");
-  if (!quiet) {
-    logger.info(`Downloaded ${toolName} to ${binaryPath}`);
-  }
-  return binaryPath;
-}
 // Annotate the CommonJS export names for ESM import in node:
 0 && (module.exports = {
   SOCKET_BTM_REPO,
   downloadGitHubRelease,
   downloadReleaseAsset,
+  getAuthHeaders,
   getLatestRelease,
   getReleaseAssetUrl
 });